We sign Business Associate Agreements (BAA)

We maintain strict administrative, technical, and physical safeguards to protect user data. Our security framework includes:

• Encryption at rest and in transit — all data is encrypted using industry-standard AES-256 and TLS 1.2+ protocols.

• Least privilege access — only authorized personnel can access data strictly necessary for operational purposes.
  Comprehensive audit logging — all access and system actions are recorded and monitored for compliance and security reviews.

• Regular security assessments — vulnerability scans, penetration testing, and compliance audits conducted periodically.

We also provide a Data Processing Addendum (DPA) to ensure full compliance with HIPAA, GDPR, and other applicable privacy regulations.